b0w3rb0w3r
Reputation: 937
Querying MySQL table using dynamic variables
I am trying to Query a MySQL table to to bring any result that matches data that the user has input. The database,table and column names are also dynamically stored in variables. var_dump produces a bool(false) which means my query is wrong.
My Code
if (isset ( $_POST ['name'] )) {
$name = trim ( $_POST ['name'] );
$tblName = $_REQUEST ['tbl'];
$colqry = "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_SCHEMA = '$dbName' AND TABLE_NAME = '$tblName'";
echo "<ul>";
$col_names = mysqli_query ( $link, $colqry );
while ( $col = mysqli_fetch_array ( $col_names, MYSQL_ASSOC ) ) {
$colName = $col ['COLUMN_NAME'];
$tblQry = "SELECT * FROM $tblName WHERE $colName=$name LIMIT 10";
$query2 = mysqli_query ($link, $tblQry);
echo $query2;
while ( $query3 = mysqli_fetch_array ( $query2 ) ) {
echo "<li onclick=fill'" . $query3 [0] . "'>" . $query3 [0] . "</li>";
}
}
}
What I want to achieve is list a table where the search terms matches something on the table either the column name or the data inside the columns
Upvotes: 2
Views: 393
Answers (1)
Funk Forty Niner
Reputation: 74217
This line:
$tblQry = "SELECT * FROM $tblName WHERE $colName=$name LIMIT 10";
Quote the $name variable:
so it reads as WHERE $colName='$name'
You can then use $query3[$colname] to get the search match you're looking for.
For more information on identifer qualifiers, visit:
Upvotes: 2
Related Questions
- Create a dynamic mysql query using php variables
- Dynamic MySQL Query with PHP
- Query with variables in MySQL
- MySQL WHERE based on PHP variable
- Dynamic query using PHP, MYSQL
- Using PHP variables dynamically in MySQL statements
- Dynamic MySQL query
- PHP and mysql query with a dynamic variable
- PHP and MYSQL - Querying A Variable
- MySQL passing variable to dynamic query